Publication number | US7941471 B2 |
Publication type | Grant |
Application number | US 11/668,130 |
Publication date | May 10, 2011 |
Filing date | Jan 29, 2007 |
Priority date | Jan 29, 2007 |
Fee status | Paid |
Also published as | US20080183785 |
Publication number | 11668130, 668130, US 7941471 B2, US 7941471B2, US-B2-7941471, US7941471 B2, US7941471B2 |
Inventors | Oded Katz, Dan Ramon, Israel A. Wagner |
Original Assignee | International Business Machines Corporation |
Export Citation | BiBTeX, EndNote, RefMan |
Patent Citations (13), Non-Patent Citations (10), Referenced by (4), Classifications (7), Legal Events (2) | |
External Links: USPTO, USPTO Assignment, Espacenet | |
The present invention relates generally to the field of generating random numbers, and in particular, to an Integrated Circuit (“IC”) and method for generating a random number sequence.
Proposals for analog noise generation using chaotic circuits preceded the works on chaotic Random Number Generators (“RNG's”). White noise generation using the logistic map was analyzed in “Generation of Noise by Electronic Iteration of the Logistic Map” (G. C. McGonigal and M. I. Elmasry, IEEE Trans. Circ. Syst., vol. CAS-34, pp. 981-983, 1987), while for the same purpose a 1D piecewise linear map was used in “Switched-capacitor broadband noise generator for CMOS VLSI” (Rodriguez-Vasquez, M. Delgado, S. Espejo, and J. L. Huertas, Electronics letters, vol. 27, no. 21, pp. 1913-1915, October 1991. In “A chaotic switched-capacitor circuit for 1/f noise generation” (M. Delgado-Restituto, A. Rodriguez-Vasquez, S. Espejo, and J. L. Huertas, IEEE Trans. Circ. and Syst.-I, vol. 9, no. 4, pp. 325-328, April 1992) hopping transitions of a 1D piecewise linear chaotic map are used for 1/f noise generation. Some of these papers also mention RNG as possible application of their circuits.
Still the era of chaotic RNGs begins with the works of Bernstein and Lieberman (G. M. Bernstein and M. A. Lieberman, “Secure random number generation using chaotic circuits”, IEEE Trans. Circ. Syst., vol. 37, pp. 1157-1164, 1990), and Espejo-Meana et al. (S. Espejo-Meana, A. Rodriguez-Vazquez, J. L. Huertas, and J. M. Quintana, “Application of chaotic switched-capacitor circuits for random-number generation”, European conference on circuit theory and design 1989, pp. 440-444, 1989). In these two papers and in those following them, chaotic circuits serve as physical sources of randomness. Tent map implemented via switched-capacitor circuits and a first-order nonuniformly sampling digital phase-locked loop is used to produce a binary random sequence through a binary quantization of a chaotic signal.
Failures or drops in performances may silently occur in classical RNGs, and periodic check-ups (via the black magic of complicated statistical tests) and tune-ups are necessary to maintain the performances. Using chaotic circuits, a possible solution for this problem can be achieved by tuning the nominal parameter values to lie in the middle of the region of parameter values that provide a chaotic behavior. However, in today IC technology the process variations, power supply fluctuations, temperature changes, clock feed-through and other influences are likely to cause the nonlinear circuit to leave the parameter region of chaotic behavior.
The availability of high quality random number generators is essential to the effectiveness of a cryptographic system. With the advent of very large-scale integrated circuits (VLSI), and the embodiment of cryptographic systems in VLSI, it is important that component random number generators be compatible with VLSI circuit processing. Various pseudo-random number generators have been developed in the prior art, however they are all subject to attack by an eavesdropper with the intention of circumventing the cryptographic system.
Turning now to
The NLD extracts the SIGN of the entered signal, meaning, if the signal is equal or higher than a certain threshold, then SIGN(X) is “+” otherwise it is “−”, wherein “+” and “−” are used as unary operators. The NLD outputs equals: −A*SIGN(X[n]) (160), wherein “A” is a predefined constant.
The single ended chaos architecture may be characterized by a one-loop feed back (110) which returns the output of the Non-Linear Discriminator (NLD) to the input of the Linearized Sample and Hold (LSH).
The Finite Difference Equation (FDE), which is employed by this circuit, is very sensitive to the value of equation coefficients and equation non-idealities. Circuits implementing chaotic FDE must be very accurate and bounded with narrower margins than those needed by most analog applications.
FDE non-idealities and small variations in the coefficients may originate from variation in operation conditions and process. Previous single ended chaos-based IC implementations were tunes to function under nominal conditions, but their performance degraded a corner condition.
The problem of degraded performance at corner condition may aggravate in today's analog IC's that work under strict voltage budget, and have a reduced overdrive voltage.
Therefore because of the problems described above, there exists a need in the field of IC design and fabrication for an improved pseudo-random numbers generator using chaos circuits.
The present invention relates to random number generation using an integrated circuit. According to some embodiments of the present invention, there is provided a circuit including a Differential Sample and Hold circuit portion. According to further embodiments of the present invention, there may be provided a Differential Discriminator circuit portion, which discriminator circuit portion may be of a non-linear type.
In accordance with a first aspect of the present invention a circuit for generating random signal is presented. The circuit may include at least one differential component adapted to use a delta between two signals to generate two output signals.
In accordance with a second aspect of the present invention a method of generating a random signal is presented. The method may include using a delta between two signals to generate two output signals.
The subject matter regarded as the invention is particularly pointed out and distinctly claimed in the concluding portion of the specification. The invention, however, both as to organization and method of operation, together with objects, features, and advantages thereof, may best be understood by reference to the following detailed description when read with the accompanying drawings in which:
It will be appreciated that for simplicity and clarity of illustration, elements shown in the figures have not necessarily been drawn to scale. For example, the dimensions of some of the elements may be exaggerated relative to other elements for clarity. Further, where considered appropriate, reference numerals may be repeated among the figures to indicate corresponding or analogous elements.
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those skilled in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention.
Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as “processing”, “computing”, “calculating”, “determining”, or the like, refer to the action and/or processes of a computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities within the computing system's registers and/or memories into other data similarly represented as physical quantities within the computing system's memories, registers or other such information storage, transmission or display devices.
Embodiments of the present invention may include apparatuses for performing the operations herein. This apparatus may be specially constructed for the desired purposes, or it may comprise a general-purpose computer selectively activated or reconfigured by a computer program stored in the computer. Such a computer program may be stored in a computer readable storage medium, such as, but is not limited to, any type of disk including floppy disks, optical disks, CD-ROMs, magnetic-optical disks, read-only memories (ROMs), random access memories (RAMs) electrically programmable read-only memories (EPROMs), electrically erasable and programmable read only memories (EEPROMs), magnetic or optical cards, or any other type of media suitable for storing electronic instructions, and capable of being coupled to a computer system bus.
The processes and displays presented herein are not inherently related to any particular computer or other apparatus. Various general-purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct a more specialized apparatus to perform the desired method. The desired structure for a variety of these systems will appear from the description below. In addition, embodiments of the present invention are not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the inventions as described herein.
The present invention relates to random number generation using an integrated circuit. According to some embodiments of the present invention, there is provided a circuit including a Differential Sample and Hold circuit portion (DSH). According to further embodiments of the present invention, there may be provided a Differential Discriminator circuit portion, which discriminator circuit portion may be of a non-linear type.
According to some embodiments of the present invention, a signal X[n] (denoted as “X”) may be divided to two differential signals, X^{n}[n] and X^{p}[n], wherein X^{n}[n] and X^{p}[n] may be defined as:
X ^{n} [n]=(−)X[n]+CM
X ^{p} [n]=X[n]+CM
According to yet further embodiments of the present invention, the two signals X^{n}[n] (“X^{n}”) and X^{p}[n] (“X^{p}”) may be used as a first and second input signals of the DSH.
According to further embodiments of the present invention, the output signals of the DSH, denoted respectively by X^{1 }and X^{2}, may be calculated according to the following formula:
X ^{1} [n]=X ^{p} [n]−X ^{n} [n]=2*X[n]
X ^{2} [n]=X ^{n} [n]−X ^{p} [n]=(−)2*X[n]
According to some embodiments of the present invention, the two signals X^{1 }and X^{2}, may be used as input signals for the Differential Non-Linear Discriminator (DNLD). According to yet further embodiments of the present invention, the DNLD may extract the value of SIGN (X) and SIGN(−X) from input signals X^{1 }and X^{2}, Wherein SIGN(Y) is a function defined as
According to yet further embodiments of the present invention, the output of the DNLD may be two signals defined by:
OUTPUT1[n]=−A*SIGN(X)
OUTPUT2[n]=−A*SIGN(−X)
According to further embodiments of the present invention, OUTPUT1[n] signal may be connected via a feedback loop to the first DSH input, accordingly we can denote OUTPUT1[n] as X^{p}[n+1]. According to yet further embodiments of the present invention, OUTPUT2[n] signal may be connected via a feedback loop to the second DSH input, accordingly we can denote OUTPUT2[n] as X^{n}[n+1].
According to some embodiments of the present invention, the use of the Differential Sample and Hold (DSH) circuit portion results in doubling the input signal (as shown hereinabove in the formulas of X^{1}[n] and X^{2}[n]), using only KCL (Kirchoff current law), without the use of a current mirror, resulting in a circuit with higher linearity, a wider dynamic range, a more robust signal application and eliminating the common mode interference.
According to yet further embodiments of the present invention, the differential circuit design may also generate a random bit stream with improved statistical properties. The statistical properties may be parameters such as: Entropy, Mixing, Autocorrelation, Zero-to-one ratio, or Other parameters known in the art.
According to further embodiments of the present invention, the use of the Differential Sample and Hold (DSH) circuit portion may result in intrinsically producing a symmetric map.
According to some embodiments of the present invention, the use of the Differential Non-Linear Discriminator (DNLD) circuit portion may result in that the input signals are compared at the differential amplifier input, thereby avoiding the need for reference signal.
According to some embodiments of the present invention, the differential approach may also result in superior robustness to supply-voltage-temperature and process variations.
Turning now to
According to some embodiments of the present invention, the signal X[n] (4010), which is a differential analog signal, X^{n}[n] (4020) and X^{p}[n] (4030), which two signals also appear in
According to some embodiments of the present invention, the two signals may be represented by the following formula:
X ^{n} [n]=(−)X[n]+CM
X ^{p} [n]=X[n]+CM
According to some embodiments of the present invention, the two signals X^{n }and X^{p}, may be used as input signals to a Differential Sample and Hold (DSH) element (4040). A DSH also appears in
According to some embodiments of the present invention, the output of the DSH may be two or more signals, the two outputs signals of the DSH are denoted as X^{1}[n] (4060) and X^{2}[n] (4050).
According to further embodiments of the present invention, the signals X^{1}[n] and X^{2}[n] may be generated using a differentiation action of the two input signal of the DSH (4030 and 4020), hence, the two output signal may be defined by the following formulas:
X ^{1} [n]=X ^{p} [n]−X ^{n} [n]=2*X[n]
X ^{2} [n]=X ^{n} [n]−X ^{p} [n]=(−)2*X[n]
According to further embodiments of the present invention, the signals X^{1}[n] and X^{2}[n] may be used as the input signals to a Differential Non-Linear Discriminator (4070). The DNLD also appears in
According to yet further embodiments of the present invention, the output signals of the DNLD may be defined by:
OUTPUT1[n]=−A*SIGN(X)
OUTPUT2[n]=−A*SIGN(−X)
According to yet further embodiments of the present invention, the output signals of the DNLD, are connected via one or more feedback loops to the input of the DSH (4040). The embodiment described here is of two loop feedbacks that are denoted as 4100 and 4110 and also appear in
According to yet further embodiments of the present invention, due to feedback loops 4110 and 4100, signals OUTPUT1 and OUTPUT2, described hereinabove, may be defined by the following formula:
OUTPUT1=X ^{n} [n+1] (4090)
OUTPUT2=X ^{p} [n+1] (4080)
According to yet further embodiments of the present invention, signals X^{n}[+1] and X^{p}[n+1] may be generated in a recursive manner, and may also be defined by:
X ^{n} [n+1]=(−)X[n+1] (2090)
X ^{p} [n+1]=X[n+1] (2080)
According to some embodiments of the present invention, the DSH (2040) circuit portion may comprise a master and slave gates at the two differential branches and a subtractor between them. The differential current mode design is used in order to eliminate the single-ended circuit drawbacks and its robustness problems. In
Turning now to
This novel approach to a chaos based RNG, utilizes a differential sample and hold circuit (DSH), and a differential non-linear discriminator (DNLD). We show that the proposed differential design can intrinsically realize a more ideal chaotic FDE with improved symmetry, smaller offset, higher linearity and wider dynamic range. As a result, the differential circuit generates a bit-stream with improved statistical properties, exhibits superior robustness and overcomes the drawbacks of single ended chaos circuits.
While certain features of the invention have been illustrated and described herein, many modifications, substitutions, changes, and equivalents will now occur to those skilled in the art. It is therefore, to be understood that the appended claims are intended to cover all such modifications and changes as fall within the true spirit of the invention.
Cited Patent | Filing date | Publication date | Applicant | Title |
---|---|---|---|---|
US5500892 * | Feb 14, 1994 | Mar 19, 1996 | Brooktree Corporation | Echo canceller |
US5506795 | Feb 18, 1993 | Apr 9, 1996 | Yamakawa; Takeshi | Apparatus and method for generating chaotic signals and chaos device |
US5745655 | Jan 19, 1995 | Apr 28, 1998 | Gold Star Electron Co., Ltd. | Chaotic neural circuit and chaotic neural network using the same |
US5961577 * | Dec 5, 1997 | Oct 5, 1999 | Texas Instruments Incorporated | Random binary number generator |
US6218973 | Mar 5, 1999 | Apr 17, 2001 | Motorola, Inc. | Binary random number generator |
US6732127 | Jan 10, 2001 | May 4, 2004 | Hewlett-Packard Development Company, L.P. | Verifiable random number generator using chaos |
US6763364 | Oct 30, 2000 | Jul 13, 2004 | Scott A. Wilber | Random number generator and generation method |
US6842745 | Jan 9, 2002 | Jan 11, 2005 | Stmicroelectronics S.R.L. | Programmable chaos generator and process for use thereof |
US6899240 | Sep 25, 2002 | May 31, 2005 | Carson Industries Llc | Subgrade vault |
US7113116 * | Jan 26, 2005 | Sep 26, 2006 | Analog Devices, Inc. | Sample and hold apparatus |
US20030185392 | Jan 13, 2003 | Oct 2, 2003 | Inng-Lane Sun | Random number generator |
US20030219119 | Dec 13, 2002 | Nov 27, 2003 | Stmicroelectronics S.R.L. | Method for generating a random number sequence and a relative random bit generator |
EP1320026A1 | Dec 13, 2001 | Jun 18, 2003 | STMicroelectronics S.r.l. | Method for generating a random number sequence and a relative random bit generator |
Reference | ||
---|---|---|
1 | C. C. Wang et al., "Switched-Current 3-Bit CMOS 4.0 MHz Wideband Random Signal Generator" IEEE J. Solid State Circuits, vol. 40, No. 6, Jun. 2005. | |
2 | Espejo-Meana et al., "Application of Chaotic Switched-Capacitor Circuits for Random-Number Generation", European Conference on Circuit Theory and Design 1989, pp. 440-444, 1989. | |
3 | G. M. Bernstein and M. A. Lieberman, "Secure Random Number Generation Using Chaotic Circuits", IEEE Trans. Circ. Syst., vol. 37, pp. 1157-1164, 1990. | |
4 | G.C. McGonigal et al., "Generation of Noise by Electronic Iteration of the Logistic Map", IEEE Trans. Circ. Syst., vol. CAS-34, pp. 981-983, 1987. | |
5 | M. Delgado-Restituto et al., "A Chaotic Switched-Capacitor Circuit for 1/f Noise Generation", IEEE Trans. Circ. and Syst.-I, vol. 9, No. 4, pp. 325-328, Apr. 1992. | |
6 | M. Delgado-Restituto, F. Medeiro, A. Rodriguez-Vazquez, "Nonlinear Switched-Current CMOS IC for Random Signal Generation" Elec. Lett., vol. 29, No. 25, pp. 2190-2191, Dec. 1993. | |
7 | Rodrigues-Vasquez et al., "Switched-Capacitor Broadband Noise Generator for SMOS VLSI", Electronics Letters, vol. 27, No. 21, pp. 1913-1915, Oct. 1991. | |
8 | Security Requirements for Cryptographic Modules, Federal Information Processing Standards FIPS 140-2, May 2001. | |
9 | T. Stojanovski, J. Pihl, L. Kocarev, "Chaos-Based Random Number Generator-Part II: Practical Realization", IEEE TRans. Circuits Syst. I: Fund. Theory Application, vol. 48, No. 3, pp. 382-385, Mar. 2001. | |
10 | T. Stojanovski, J. Pihl, L. Kocarev, "Chaos-Based Random Number Generator—Part II: Practical Realization", IEEE TRans. Circuits Syst. I: Fund. Theory Application, vol. 48, No. 3, pp. 382-385, Mar. 2001. |
Citing Patent | Filing date | Publication date | Applicant | Title |
---|---|---|---|---|
US8564529 | Jun 1, 2011 | Oct 22, 2013 | Semiconductor Energy Laboratory Co., Ltd. | Method for driving liquid crystal display device |
US9047840 | Jun 14, 2011 | Jun 2, 2015 | Semiconductor Energy Laboratory Co., Ltd. | Display device and electronic appliance |
US9109286 | Jun 14, 2011 | Aug 18, 2015 | Semiconductor Energy Laboratory Co., Ltd. | Method of manufacturing power storage device |
US9230489 | Jun 23, 2011 | Jan 5, 2016 | Semiconductor Energy Laboratory Co., Ltd. | Liquid crystal display device and method for driving liquid crystal display device |
U.S. Classification | 708/250, 708/255 |
International Classification | G06F1/02 |
Cooperative Classification | G06F7/588, H04L9/001 |
European Classification | G06F7/58R, H04L9/00C |
Date | Code | Event | Description |
---|---|---|---|
Jan 29, 2007 | AS | Assignment | Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KATZ, ODED;RAMON, DAN;WAGNER, ISRAEL A.;REEL/FRAME:018817/0885 Effective date: 20070108 |
Oct 10, 2014 | FPAY | Fee payment | Year of fee payment: 4 |